It's possible to fool protection by inserting one tag into another.
vulners.com/securityvulns/securityvulns:doc:2811